Product(s): CloudDefense.AI
Overall Comment:"The CNAPP solution by CLoudDefense.I has changed the way we think about cloud security posture. its unique design incorporates 3 distinct views (app code level scanning, cloud resource monitoring, and outside view of our env - AKA "Hacker View"), for creating a holistic view of our cloud environment and a comprehensive understanding of the issues we face (vulnerabilities, misconfigurations, improper access, etc.) What truly set CloudDefense apart of the unified protection across all aspects of our cloud env - infra, workloads, app + data, APIs, containers, even identities and access policies, etc. Here is what CloudDefense changed for us: 1) We can replace multiple scanners & monitoring solutions with 1 unified tooling - the agent-less approach and the SaaS offering simplifies the work we need to do and help us to save money. 2) Now we have automated scanning but also automatically generated scripts for fixing the vulnerabilities or misconfigurations that are found. 3) Previously, the prioritization was quite a guessing game for us - now, we have an intelligent prioritization that help is concentrate our efforts exactly where it is most critical, and we have scripts ready to apply (well... we review each one, but we quickly gain confidence in the auto-generation capabilities) 4) Increased visibility -to both tech and business owners - with such comprehensive reporting, it is much easier to show to internal management /stakeholders as well as to our clients what are the exact issues, what needs to be prioritized, and where we are short on resources (people or money) In short - CloudDefense.ai has been a game changer for our cloud security."
I like the CNAPP from CloudDefense for a few reasons: 1) Unified experience - it is our one-stop-shop for holistic cloud security posture monitoring and reporting / summarization in a single consolidated UI. Unlike juggling multiple tools, it offers a comprehensive protection across our entire cloud environment - from infra and workloads, app + data, to APIs, containers, access mgmt, etc. The 3 pronged approach I described above with code scanning, cloud resource monitoring, and the external "hacker view" provide deep vulnerabilities insights across the entire cloud env that we can manage from a single UI. 2) Streamlined security & proactive risk reduction capabilities. CloudDefense empowers us to "shift Left" our security with early vulnerability detection and automated fix generation, minimizing risks before they escalate. It is easy to show to business stakeholders what issues we have and where we spent out time. The agent-less SaaS platform reduced out internal complexities while the built-in compliance (based on policies) simplifies the regulatory burdens. Plus, it is quite nice to have a clear automatic prioritization done based on real data. 3) Enhanced monitoring of all cloud resources - features like end-to-end visibility, unified UI and use experience, real-time graphics, noise reduction boost security monitoring efficiency. Additionally, expert threat hunting capabilities and seamless scalability ensure advance defense as our could env grows.
it will be interesting to see if the product could expand its reporting functionality to include custom dashboards or exportable data. Also, not sure if the team plans to provide a customization for higher level security Pros - like Security Researchers, who might need more tailored capabilities.